Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6227

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6227
Last Modified 07 Mar 2011 10:15:56
Published 20 Feb 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6227

Summary

SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.

Vulnerable Systems

Application

  • Preproject Pre Multi-vendor Shopping Malls -


References

XF - pmvsm-buyerdetail-sql-injection(46387)

VUPEN - ADV-2008-3018

BID - 32127

MILW0RM - 6999


Last Updated: 27 May 2016 10:49:06